Creating A Primary Private Vlan - Cisco WS-X6066-SLB-APC - Content Switching Module Software Manual

Catalyst 6000 series software configuration guide

Hide thumbs Also See for WS-X6066-SLB-APC - Content Switching Module:

Installation note (28 pages)

Table of Contents

Configuring Private VLANs

Creating a Primary Private VLAN

To create a primary private VLAN, perform this task in privileged mode:

Create the primary private VLAN.

Set the isolated, community, or two-way

community VLAN(s).

Bind the isolated, community, or two-way

community VLAN(s) to the primary VLAN.

Associate the isolated, community, or two-way

community port(s) to the primary private VLAN.

Map the isolated, community, or two-way

community VLAN to the primary private VLAN

on the promiscuous port.

Verify the primary private VLAN configuration.

Catalyst 6000 Family Software Configuration Guide—Releases 6.3 and 6.4

IGMP snooping and multicast shortcuts are not supported in private VLANs.

You cannot enable EtherChannel on isolated, community, or promiscuous ports.

You can apply different VACLs and quality of service (QoS) ACLs to primary, isolated, and

community VLANs.

For information on configuring ACLs, see the

section on page

Output ACLs need to be configured on both the two-way community VLANs and the primary

VLAN in order to be applied to all outgoing traffic from the MSFC.

If you map a Cisco IOS ACL to a primary VLAN, the Cisco IOS ACL automatically maps to the

associated isolated and community VLANs.

You cannot map Cisco IOS ACLs to an isolated or community VLAN.

You cannot use policy-based routing (PBR) on a private VLAN interface. You get an error message

if you try to apply a policy to a private VLAN interface using the ip policy route-map

route_map_name command.

You cannot set a VLAN to a private VLAN if the VLAN has dynamic access control entries (ACEs)

configured on it.

You can stop Layer 3 switching on an isolated or community VLAN by destroying the binding of

that VLAN with its primary VLAN. Deleting the corresponding mapping is not sufficient.

"Configuring ACLs on Private VLANs"

set vlan vlan pvlan-type primary

set vlan vlan pvlan-type {isolated | community

| twoway-community}

set pvlan primary_vlan {isolated_vlan |

community_vlan | twoway_community_vlan}

set pvlan primary_vlan {isolated_vlan |

community_vlan | twoway_community_vlan}

[mod/ports | sc0]

set pvlan mapping primary_vlan {isolated_vlan

| community_vlan | twoway_community_vlan}

show pvlan [vlan]

show pvlan mapping

Configuring VLANs

Show Quick Links

Table of Contents

Troubleshooting

Creating A Primary Private Vlan - Cisco WS-X6066-SLB-APC - Content Switching Module Software Manual

Creating a Primary Private VLAN

Hide quick links:

Troubleshooting

Related Manuals for Cisco WS-X6066-SLB-APC - Content Switching Module

Related Content for Cisco WS-X6066-SLB-APC - Content Switching Module

This manual is also suitable for:

Table of Contents